<?php
    require_once './funcoes/base_dados.php';
    require_once './funcoes/utilitarios.php';

    session_start();
   
	$username = "";
    $password = "";  
    
    if (isset($_GET['logout'])){
        session_destroy();
    }
    
    if (isset($_SESSION['username'])){
        redirect('index.php');
    }
    
    if (isset($_POST['username'])){
        $username = $_POST['username'];
        $password = $_POST['password'];
        $dados = valida_utilizador($username, $password);  
        
        if ($dados){
            $valido = TRUE;
            $_SESSION['username'] = $dados['username'];
            $_SESSION['nome'] = $dados['nome'];
            $_SESSION['perfil'] = $dados['perfil'];
            redirect('index.php');
        }else{
            $valido = FALSE;
        }               
    }       
    
?>


<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8">
        <title>Autenticar</title>
		<link rel="stylesheet" type="text/css" href="login.css" media="screen"/>
    </head>
    <body>
	<div id="inicio">
        <h1> 2018 FIFA WC RUSSIA </h1>
		<hr>
      
        <form method="post">
            <p>
                <label for="username">Username:</label>
                <input type="text" id="username" name="username" value="<?= $username ?>" />
            </p>
            <p>
                <label for="password">Password: </label>
                <input type="password" id="password" name="password" />
                <?php
                    if (isset($valido) && $valido !== TRUE){
                        echo 'Username e/ou password incorretos';
                    }
                ?>
            </p>
			
			<!--mysql_real_escape_String($username);-->
			
            <input type="submit" id="autenticar" value="Autenticar"/>
			<a href="PaginaInicial.php">Cancelar</a>
			<br><br>
        </form>
		</div>
        
    </body>
</html>
